KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
Max CVSS
4.6
EPSS Score
0.04%
Published
2000-01-04
Updated
2008-09-09
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
Max CVSS
4.6
EPSS Score
0.04%
Published
1998-11-18
Updated
2016-10-18
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-11-18
Updated
2016-10-18
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
Max CVSS
2.1
EPSS Score
0.04%
Published
1998-11-18
Updated
2016-10-18
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-05-16
Updated
2017-12-19
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-04-29
Updated
2017-12-19
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
Max CVSS
7.2
EPSS Score
0.05%
Published
1998-11-18
Updated
2017-12-19
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
Max CVSS
5.0
EPSS Score
0.27%
Published
1997-05-05
Updated
2017-12-19
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-01-06
Updated
2017-12-19
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.
Max CVSS
2.1
EPSS Score
0.04%
Published
1998-02-06
Updated
2017-12-19
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
Max CVSS
4.6
EPSS Score
0.05%
Published
1998-07-11
Updated
2017-12-19
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
1999-03-01
Updated
2008-09-10
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-06-01
Updated
2017-10-10
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-05-16
Updated
2008-09-10
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-05-27
Updated
2008-09-10
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
Max CVSS
5.0
EPSS Score
0.84%
Published
1999-06-01
Updated
2017-10-10
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-05-31
Updated
2017-10-10
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-12-19
Updated
2008-09-05
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-08-02
Updated
2017-12-19
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-10-18
Updated
2017-12-19
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-12-14
Updated
2017-07-11
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
Max CVSS
5.0
EPSS Score
3.82%
Published
2002-05-16
Updated
2016-10-18
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.
Max CVSS
5.0
EPSS Score
0.56%
Published
2002-06-25
Updated
2016-10-18
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
Max CVSS
7.5
EPSS Score
1.13%
Published
2002-09-24
Updated
2017-10-10
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
Max CVSS
7.5
EPSS Score
1.16%
Published
2002-10-11
Updated
2016-10-18
189 vulnerabilities found
1 2 3 4 5 6 7 8
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!